AUMA Riester AC1.2
- > 06.00.00, < 06.09.04
A buffer overflow vulnerability has been identified in AUMA Riester products, including the AC1.2, MEC 03.01, PROFOX, SGx/SVx, TIGRON, and TIGRON SIL series. This vulnerability allows an unauthenticated remote attacker to cause a buffer overflow by sending excessive data through the service telegram, which can lead to unexpected behavior or a denial-of-service condition. The issue arises when the service telegram is transmitted via Bluetooth or the RS-232 interface.
Exploitation of this vulnerability causes a buffer overflow, leading to unexpected behavior such as restarting the actuator controls.
For actuators with Bluetooth, it is recommended to update the firmware to a version that addresses the buffer overflow. For actuators without Bluetooth, restrict physical access to the device and update the firmware if possible.